package com.yong.component;

import org.apache.cxf.binding.soap.SoapHeader;
import org.apache.cxf.binding.soap.SoapMessage;
import org.apache.cxf.headers.Header;
import org.apache.cxf.interceptor.Fault;
import org.apache.cxf.phase.AbstractPhaseInterceptor;
import org.apache.cxf.phase.Phase;
import org.springframework.util.StringUtils;
import org.w3c.dom.Element;
import org.w3c.dom.NodeList;

import javax.xml.soap.SOAPException;
import java.util.List;

/**
 * webservice接口校验信息接口
 * 这样的一些细节，还得找文档，找熟悉这个操作的人
 * @author yong.liu
 */
public class AuthInterceptor extends AbstractPhaseInterceptor<SoapMessage> {

    private String username;
    private String password;

    public AuthInterceptor(String username, String password) {
        // 定义在什么阶段进行拦截
        super( Phase.PRE_PROTOCOL );
        this.username = username;
        this.password = password;
    }

    @Override
    public void handleMessage(SoapMessage soapMessage) throws Fault {
        String username = null;
        String password = null;
        List<Header> headers = soapMessage.getHeaders();
        if (headers == null) {
            throw new Fault( new IllegalArgumentException( "headers未取到，无法验证用户信息" ) );
        }
        // 获取客户端传递的用户名和密码
        for (Header header : headers) {
            SoapHeader soapHeader = (SoapHeader) header;
            Element e = (Element) soapHeader.getObject();
//            e.setPrefix( "ser" );
            NodeList usernameNode = e.getElementsByTagName( "username" );
//            usernameNode.item( 0 ).setPrefix( "ser" );
            NodeList passwordNode = e.getElementsByTagName( "password" );
//            passwordNode.item( 0 ).setPrefix( "ser" );
            username = usernameNode.item( 0 ).getTextContent();
            password = passwordNode.item( 0 ).getTextContent();
            if (StringUtils.isEmpty( username ) || StringUtils.isEmpty( password )) {
                throw new Fault( new IllegalArgumentException( "用户信息为空！" ) );
            }
        }
        // 校验客户端用户名密码是否和服务端一致
        if (!(this.username.equals( username ) && this.password.equals( password ))) {
            throw new Fault( new SOAPException( "用户信息认证失败！" ) );
        }
    }

}
